What all layers of security do you implement for your windows environment ?
I run OSSEC, and I harden all of my Windows(1) Installations, along with Debian boxes. I run Windows solely on my Consulting rig. As much as I live GW, I only keep windows for some clients I have. For outer security I have a pfsense router, on the outside of a managed switch. I have a pretty strict set of firewall rules, and open ports.